Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
The life cycle of Windows 8, the first operating system Microsoft intended for both desktop and mobile use, has ended. After this January 2016 Patch Tuesday release, users who have not yet updated /upgraded to Windows 8.1 (which was made available in late 2013) or Windows 10 will stop receiving updates.
That’s the message from our latest report in our Forward-Looking Threat Research Team’s (FTR)Cybercrime Underground Economies Series focusing on the Brazilian Underground: “Ascending the Ranks: The Brazilian Cybercriminal Underground in 2015.” This is our second paper highlighting the Brazilian Underground.
Will this week’s arrests of a “main target” and another suspect tied to the distributed denial-of-service extortion group known as DD4BC, or DDoS for Bitcoin, deter copycats from continuing to wage similar schemes? Tom Kellermann, chief cybersecurity officer at the security firm Trend Micro, is among the experts who don’t anticipate a deterrent effect.
In mid-August 2015, Turkish security group Otku Sen published an open source code for ransomware dubbed “Hidden Tear” and made it available for everyone at GitHub. Unfortunately, anyone on the internet can disregard this warning. This became evident when Trend Micro discovered a hacked website in Paraguay that distributed ransomware detected as RANSOM_CRYPTEAR.B.
The costs of cyberattacks have significantly affected corporate bottom lines, and nation-state attacks have threatened the security of entire countries, renewing the focus on and demand for cyberdefense. We need to move beyond the utility approach of connecting and moving data from one place to another toward viewing and auditing actual systems process events in real time.
Agency IT managers who believe they do not have the resources to adequately fight cybersecurity threats got some backing from industry experts who voiced the same concerns to Congress. At a Jan. 8 hearing, Larry Clinton, president and CEO of the Internet Security Alliance, told lawmakers that the government must invest more in cybersecurity and act with greater urgency.
Unfortunately, the lack of cybersecurity isn’t just a problem in a galaxy far, far away — it’s a very real problem happening in our own backyard. Here are a few examples, both from the movies and from real life – Lack of encryption, unsecured ports and the Death Star has zero intrusion detection systems.
Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.